Adding a Custom Authentication Filter

Update

Please for the love of all that is holy, don't do this. There are many great solutions out there now. I recommend Azure AD (cheap), Auth0(freeish), or Identity Server(open sou). This was a pretty terrible implementation that was meant as a stopgap.

Scenario

Circular References FTL

The Challenge

I was building a standard ASP.NET EntityFramework / WebApi / Swagger project. Attempting something a bit new, I decided my controller would return a CreatedAtRoute HttpActionResult. The code goes something a little like this: